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(54) CARD SYSTEM, IC CARD, AND RECORDING MEDIUM 

(57)Abstract: 

PROBLEM TO BE SOLVED: To provide a card system, etc., which can 
safely supply an application. 

SOLUTION: An IC card 4 stores a permission table where the hash value 
of an application allowed by a card issue center 1 to be supplied is set. 
The IC card 4 obtains the hash value of an application supplied from a 
service providing server 5, decides whether the hash value matches the 
hash value registered in the permission table, and stores the application 
in a prescribed area of the IC card 4 when they match each other, but 
performs prescribed error processing when not 
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n 5 5^ X i7 if ig;5s^n^"n^^ s n. 

WIHI C;«j-F«, 

*&Eft)^-fe>^';5^6(7)7:/U^r-v3 >0«S&l3^S^ 
L, WiB#l^3nfe7:/U'5r-v3>{rSo'ViT^xy 

taffig^x i7ff «*s^i6:t- S^^Utt, tifc 
7-/U ^r-v3 I C;?7- F®^S«lr|B1i 

L, 

Mia5^xyi7ft«/&s^ScL;^Vi«-&{:tt, ms»X7- 

[»*a3] miB5^x-y^^«anA-y;^^ffi^^tr, 
;i t tt^m^m 2 \zmm(Df3-Y v'XxAo 
[»*a4] mmvf^^--^Mzii. ^mmmizi^m 

zt^i^mt-r^mMm i xit2 izmmoti- f~>x5" 

[»«ja5] ti-}'Wn±>9\z^*)mn^nrci cti 

-FC. 'WS&-fe>3'lcj;?)tt^$tl§7:^U^r-v3> 
^tB1frs*-F->XTAffl© I C*-FTafe-3T, 
ttllB;?7- \i%n±>9 tr j; 0 ffil&^WBl$tife7yu 

MfB«|&ir>5'^>6ftl&$nfc7yiJ ir— >3 >;^stJfB 

«77'U^r-y3>?raMl C:ib-Fom 
ffl«CfB1tb, 

:ii:^#iS!i;-tS I C:^-F„ 
[W««6] ;^7-F«fTi^>^fcJ;t3^ff$nfcI C;^3 
-Ft. «^-lr>3'tJ;i3#t|&^tTS7yU'y-V3> 



*IE1t-r^:*3- F v'Xr AT*o T, 
MIE#i^>:?«, tlrieA-FI6fT-lr>3'*vf,^E1fffi 

mmicti-¥izm^L. 

ttlB#t^-ir>^;O^e.07y'J^-^3>&aMl C 
*-F(7)0f€fi«tiEtS:L, ^x>yi7jg^;^SX7-^^ 
^€wx7-«!ia5fr'5, 
10 ;ii:^#m<t-rS;<J-FvXxA. 

[»««7] WIBttS&-t>iS'tt, I C^J-FC7yU^r 
— >3>^«^-r^<!:t. 77''J'5r-v3>©«iSsS3fe© 
I C:^;-F*^S*-FffllS'm^5®#t. ®#bfcWia 
FiigiJ^^t7:/U >3 >il^Bij??-%*ME*- 
F56ff-t:>^i'ft^L, 

^(cSo'<7:^U^r-v3>icMri>1flS^, 

m'Sfm^\zi:om^^n^ i c;?7-F(7)ii-eiJt^^i:t 
t) o swEKiiEffi^s t Lxmm±>:$' \zmmb. 

20 WEI C:^j-Ftt, SKI C^-FOHSffltiTWES 
E1ffS®IEStt*5^x y ^Ti.. 
^ t*#i^t-rsSi*]1 6 fctB«©i3- F vXxAo 
CW^as] #^i?ti:>i?fi. I C^-Flr7:^U^r->' 

3>*#t|&t-St#, 77°U^r-ixH>©ftlS5fe©I C 

F & aK U . u /lam 1 7 U ^r— > 

3 >iisij^^swfB*- F«ff-ir>i$' mmh. 

ifE;^-Ff8ff-fe>^li. WEai!:i:WE7:/'J^r-v' 
3 >i«SiJ^^{rS'r?<7:/U^-s^a >tH1-Slff*$ 

mti- mn^yip (Drnxm^itbrz t © s we^ie 

i t ^ftiliit-^ 6 tfB«©;^ - F vXx Ao 
[»«a9] tttBI C*-FH. a»I C;?J-F[IfBtt 
StiTV^i>7:^U^r-v3 >©iJ|^t;:#^\ H'J^^^© 

I^M«®7yU ^— >3 >©«*&7C©«l&-t>^llffiiti& 

40 L, 

WSBttt^-tr>^'«. MBl CA-F*^5©ffll^iiE?l»^ 

itS#S^i:T?>tt«« 6 Tb^Sm^tnt^ 1 a(C|B« 
©;^-F>'X7Ao 

0] ;?j-F5Sff-lr>^{'J;t3^ffSnfcl C 
A- Ft. «S&-tr>^iri(3#tS&^*iS77'U^— >a 
>^ffiftT?>*-FvX5'Affl© I C*-Fi?*-3T, 
iflBI C;fj-Ftt. lirtB«^ir>^75SWtBi3-F%fT-tr 

60 iESttSr5"x>>^U 5"xyi'^S:^?iE^^^-r«-&, 
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3 

^Lt^W'^ht^ I C*-Ko 

3 >SfEeT^ I C*- F t bT«tg$-&?)/cJ6oyn 

0 my $ ti- ftlS-b > 5' J; #t|^ a ti§ 7 7° U ^— > 
taiEg^x >y i7 i^**SiE«i£^1-»^, tfrlBftiS^ > 3^ *^ 

a€:fT7m 

1 UT«flgS-&5 fcferoT'n if 7A ^Eii bfc 3 > H 3. 

[0 0 0 1 ] 

7 ttl&t >^5' J; >3 7'/U 'b— > a > 

[0 0 0 2] 

-b'Xiltt*) /05^-Fffl7:/U^->^3>$#fc^L 
T. I C*-FO^gWfiJfflS:iI§*-Fv;^T-A;^5^ 



(3) 

4 

(1^077"'; ^— >H >&gH© I C*- H{r^f'^7> 
n-FL, I C^3-Ft«^iiSn/t7yu^r-i/3> 

•9— t:X$g^t§ ;i <i:;^t-ct5o 
[0 0 0 3] 

[»Hj/5«Lj;7it-^^S] ±IEWJ;7^;?J-Fv 
-F'^®7:^U'^-v3>«tti!&$|»±U ^^^77^ 

[0 0 0 4] *fc. ->XxA«g^tt*ffi^1-m^> 

^7yu^->'3>«ftS&# (-tJ— t*;^S«#) ©EIE 
Lt5<h, ->X-rA©U';^Jl?>X£fiT$-&TU$3:fe 
[0 0 0 5] Sfc, :i;-Ffgff#tcl;<9#I C*-H^ 

20 [0 0 0 6] *fg?^«, ±aLfc»1ff(C^^T/^C$tlfc 

fccoT. 77°U ^— >3 >©{ftl&$^^t::fT'5 ' t/jtT 
^S*-FvXxA^Srff^T§:ii:&HWtT-5o * 
fc, 77'U^r-v3>cD#|&#©^.Mao 
m.mY. ■ Sfltr.1fbSI»±1-Sii;*ST€^;fJ-F'>Xx 

A^^aftfs^iai&ffioswfr^. *^bj 

tt, I C;«J-F'v®*-Fffl7^Uer-v3>C9S#i^ 
[0 0 0 7] 

a6, *^aj©^10«*('^5;d-F->X^A«> ^J- 
F^ff-fe>^fcJ;0»!fStifcl C;f3-FC, «|&ir> 

^iz^<omm^n^7-f^j ^r— >3 >^tBtst-s*- f 

vXxATafe^T. WtEIC*-F«. WSB;t3-F^fT 
-tr >^ D «*&;5^WBl^n^^7::f U ^r-v a > tll-r 

fc7yu ^r— >3 >*sMfBfr pix-^;u tss^nrvi 
5*^s*^&TOJL. tgfB77°u^r-va >mmmT 

40 i^I C*-F©BlTS«il^fciE1iL. WIB77'U^r— >3 

yfimmn^y'-fMz&m-^tixi^^^i^^m't. srs® 

[0 0 0 8] ::©J;3;4«figtrj:n«, lC*-Ffc^ 
— >3>4^>7>n-F-r5ll^t', ^©7:/'J^-v3 

n\zx^. yoyti-\it^mzti~\^%n±y^\z7 

yU^— >3>©iEy^ft$rp1V>.^fcit?);ii:/^i<, 
80 Fl^T-^©iEatt&5^x>7i'TS:it;^i^T^§fci^, ^ 
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5 

[0 0 0 9] ttKffW5^-7*;K-a, «-ffItE7^U^- 
HfrfB#t|&$tlfc7yU ^-V3 >^1^S I C;fj- FcDBt 

[0 0 10] w^a^x7^r«^^i/^y>/3.«&^^Tt> 
[0 0 11] ifiBfFBi7-^;i.{i«, §a«g|irj;§§ 
5fflv^T7y'J^r-'>3>(D5^xyi7Sff5;:i:Ji, 

i ^ ^« S# ^ i t T. {Silx. - H jetTTC i: 7 y 

[0 0 12] ^fc, *fgBJ©^2«li,#JCii5 I C:^)- 
fti^>^'lrj:i3ftS&$n57:/'J'^— >3>*E 

- H ^ff -fe > 3^ J; 10 #t|&*?l^ Bj ^ tlfc 7 y U '!r— > 3 

ffi^$nfc77°u ^— >3 >*stfrfefF^x-7>tSi^ 

$tlTt.i^;0^S^;5^$¥iJSiJL, tfrtS77°U i^-vg yti%^ 
3>&SKI C*"H0^€«i^tiateb. MSB7^U 

[0 0 13] *fe?3om3o«.^}r#5;^j-K-> 

F[r, #t^-k>^tj;i5ftl^&$n^7^U^— >3>& 

mmMm^ 1 7 y u ir- -> a > ^ wie i c * - f ic#t 

iE1i«®iE3tt^^xyi7L. 5^x'yi7i^*d5iE#^^ 
■r«-&, WfBtti^-tr>3^*^&(07yU^r— >3>^a^ 
I C;«j-F©Mfeffi«CIS1tL, 5^x-yi7i^^!0tx7- 

[0 0 1 4] :i(DJ:5fj:ttJES;ICj:tia« IC:^J-Ffc7 
7°U^r-v3 >$«|&-r^li#Ctt:^7-F%fT-tr>i5'fr J; 50 



- F?iff -Ir > ^ *^ S Mf S LT v^;^ v^it- b' X 
Jifl^-^t-AtliS I C;^J-F'^©7yU^r— >3>©g 
g^g^ltL. Si:^j:*-Fv7;xA$««-rsct75tT 

[0 0 15] ttlBtt^t>^tl, I C;f7-Ft7:/'J^r 
— >3>*#tJ&-rSt#> 7:/U^r-v3>©#tl&5t© 
I C;?3-F*^e;«7-Filgfm^&«j#t. B{#Lfe«HB 
Fi6S'm^<!:7yU ^r— >3 >aiSiJ??^^«flB*- 

F5ilff-fe>3'l;:«^LTt)J;<< WIE*- F^tf-fe>^ 
l±, tutB77°U er-->3 >ilSiJf?F^tS:3-< 7^U 'Jr- 
V 3 l;: HT -5 If S * . WIB* - F ^g'J ^ j; D #fe 
I C*-F©»TSt^llibf-t)©^|fifB^«1fS 

F«, aKlC*-F©a^fflV^TWfBmiElf#©IEa 
tt^5^x>;/i7UTfccfcVi. 
[0 0 16] im^y^X-t. I CA-Fi'77'U 
^r-va^SftiS&T^t^, 7:/U'/->'3>©«il&5t 

oic*-F*^e.ai?c;£5t#L, 3t#bfca?st7:^'j 

y-v'a >iSS'J»^SWE;t;- F5SfT-fe>i$'(3ffi)ii&LT 

fei<, ttrBH*-F5Sff-fe>3'li, WESL»<htlrE7^ 

Wa - F ir > ©»TBt^{b L :t © ^ 

J&L, Wtatti^-t>^*^C«il&Sn;^cWtB^fiElt$g©IE 
Sft^HffE;^- F^fr-lr >^©tl&fflViT?x bT 

[0 0 1 7] WIBI C*-F«, ^SI C;^7-FttB1i 

snTv^?>7yu^r-->3>-©Bij^t#v^ mmm<j^ 

7yU ^— >3 >(Cll1-S»iiE?f!«^#Beb, tfrlBffJ 
©7^U^r-i^3> OftltTC® «l&ir > ^' (I#t^ 
bTfeJ;<, HfftB«&-tr>^H, MtBI C:^f-F?5^^.© 
f J^iEM»^MIB*- FJgfTi: >^ t mft bT J; Vi. 

[0 0 18] z.fi\z^x^. rif^i'r-i/Byhncti- 
nzm^^n^&\zm^'\Ly^m~Ymf±y^ii^<b 
^mmn^mm^ft^b. •n-^mfx-ty'^n. «-ic 
* - F ^^7 T' u ^— > a tifc :i t mmz^ 

mt^^tf)^-^^^. Sfc, I C*-F7!>S7yU^r-^^ 

By(Dmmz-D\^xomm^m^±y'^\znhx%n 

b, #t|&t>^';5S-t©iiEBJ»^:^-F56fT-tr>5'tcaffi 

&7^U ^r— >3 >>itij^$*afci<h^it«t}efit-§ 
;it:^STt5„ *-F%ffir>^li. ^icfs- 
Ffc-t^v^T, 7:^U -5-— >3 >©^@SD;iij»&«tiit 

ffiST^^fc*, tt!^-fe>3^t>itbTjiiE^^^Wffl* 

[0 0 19] Sfc. *^HJ©^4©«.'^.t^§ I C:^- 
Fti. *-FMT-tr>^fcj;OMT$nfcI C:^-F 
#t^-k>i5'(;:J;0ttl&sn57:/Uir-v3>^SB 
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c * - H wfEfti&-tr > ^ Ammti - K mn± y^t^ 
[0 0 2 0] s^c, if.w^(!i%h<Dm.mz.'sk^%mk'^ 

flKlt-rs^K. taiBWS>J#airJ;i3«fE7:;^'J^r— > 

3 >;5SHfrfiafF Bix- $tiT tflgij ^ n 

[0 0 2 1 ] sfc. ^'^Hjcomeoii.^^tc^siai^^* 

ttl&-b>iS'}ciD#|^$n2>7:/U^— >3><£tB 

IB® bfcn > tf a-^^^i.?! y) -^mfmrnmiifi^h -> 

lES^S^t-*^, tfrfEtt*&-fe>^;5ie.©77°U^r-va 

x-^^^^^^x^-^^-rs-g-, m*©x9-fflffl*ff 

[0 0 2 2] 

[fiM©iiji©j^i8] £iT, *mmmmmm?> 

:^-FvXrA&0H^#figLTii?!-r€.o ^(D;J7-F 
->XtAH> *-F^tf^7!)5?iJffl#c*^LT»ffL;^c I 
C:^-F{C> 7:/'J^-v'a>©f^^l&^ (if-t*X^« 
tiD#t|t$n§a*©*-Fffl7:/U^— >3> 

[0 0 2 3] (^1 (Dmmmm) :^mmom i 

^tr#>s*- F-^XxAroi^;^^^**^^^^! 
■r. H^Sn^i^fc, ;i(D*-Fv7,xAtt. *-F 
%fT-tr>5'l<h, ga-fe>^2t. :^j-FMaS*3 
I C;^-F4t, #1^-t:X^ft^roiJ--k'X»ft 

[0 0 2 4] F^ff-t^^ 1 mmm\zMt^ i 



c;^J-F3©f^fT#^ff5o ;ioi c:^-F3ro^fTT 

tt> *-F^ff1:>3' Hi, #1)— t'xa#t^t-A-5*^ 
Efl■r§*- Fffl77°U ^r— >a >tl*-:31^T, ;fj- F 
ffl7^U^r-v3>fcMT^3f€©X-7> (»Blx- 

2;5^8S€®##^stj?.= ^tT, mm^^^nrz 
Brx-7';i.<h3fg©*- Fwa (*-FiD^) 

ff>i^*o I Cti- F 3 tiaSLT^frTSo 

[0 0 2 5] ti-mn±>-S' nzj;:y)^m-^tim-^ 

;t 5 ?55g«-r S * - F ffl 7 y U V a > C3 V ^ 
T, 7^U^r-S/3>ID, A-y->aM#®1ff«;*«, +)■ 

-t'xsft-y— A' 5 *Mgij-rsfc56®^t-h'x*ift# I 

[0 0 2 6] §a-b>3'2fi, *-F^ff-fe>^l*^5 
©S^li^SCT, ;*7-F58ff-fe>^l*«±^bfcfFnlT 

20 [0 0 2 7] :«J-FfflaSS*3«. I C*-FU-:5^/ 

n5i©PBl©x-^3ig«#Sff3. -NA^. *-F® 

as* 3 %m -^ip^x^^ntcts-Ymy-f'i'T- 

V 3 > © ^ 'i' > □ - F © S ?R S; - F U - :7 -f ^ 4 
^M-Ti C*-F4(rMb, ;intiJSi;Ti C:^i--F 
4*ie,SfiLfe;«j-F ID^**-Fffl7^U^r— >3 

- Fffl7::^'J ^-->3 > S-*- F U -y/^-f ^ Sr^L 
so T I C*- F 4 tmff#-r^. 

[0 0 2 8] IC;^-F4H, MPU, ROM> RA 
M. EEPROM^^#-r?> I C^-y:/&Mx., i©I 
05^-7 #iJx.m3fc^1-J;3K. MPU/O^ROM 
«trKtiS :/n y ^ A ^^ff-r § ;i i: J; D 
ni.MSI54 1 t^^tU 4 2 tAaj;'jft!lfflaB4 3 t^ii 

[0 0 2 9] ^7-Fj5La«7l53/4^e,©^ 

FMaa* 3 t-s#-r§„ ^lt. wm 4 1 ti, 

40 y>>>n-F$nfc:ti-Fffl77°U^r->'3>^:^j-F 
«^*3*^6^{it-?>i:. ^©;^J-Fffl7^U^r— > 
3 >©;>•;; ViM^fl^filc-rSo ^LT, SfiL;^c*-F 
ffl7:/U^r— >a>©77'U^r— >H>IDt. f^lfeL 

fcAi/i^o-fi^, ^tu 4 2£lE1tsnT^i^l^BI7— 
:/;^©»g^itM^■rso 

[0 0 3 0] jt«JL^c77'U^^-'>3>ID^itXA>y-> 

itt/5t-at-5«^CH. a»lfl54lH. ^©*-Fffl 
77^1;^— >3 >;&5:ji®:^j-F^fT-fe>^ 1 fcfPnlSfi 
;fcfe©T^5<hbT. ^t'J 4 2l;:i3^t5;^-Fffl77' 
50 U^r-v3>$|Eit1-^fe4^©fBti««t. Sflbfc;*? 
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(6) 



[0 0 3 1 ] Sfc, Jt«bfcr:/U^r-v3>IDS:at 
H ^fr-fe > ^7 1 Bj L fc * - H jl 7 7° U > 3 > T 

[ 0 0 3 2 3 'J 4 2 fFni5^-:/;k 

[0 0 3 3] 1t-tfXa«^t-A'5fi> IC*-K4-. 
© ;^ - H ffl 7 7° U ^r- V 3 > fflftft^ Srff 5 fcJi CD tf- 
A'Tab^c it-ifX^«1t-A5tt> ;^3-F«iaa*3 

JS§LT, SaT§*-Hffl7yU^— >3>*ll3^-& 

^m^m-^i^m^iiivx. 5*75«;j7-K«ia!a*3n 
[0 0 3 4] zomi(Dmmmm\z%^y-7.y'A 

fc*3V»T> I C*-F4fc:^J-Hffl77''jar— >3>^ 

D : BBB) «sj|«t-^*-Fffl77°'J^-V3> (7 
T'Uer-v's^ID : 12 3) ©^'i7>D- HM^^A 

^^mtb, 7yU^r— >3>ID ri2 3j (7)U-\i 
ffl77''J^— >3 >®i5^'7>P- h'SSiitfefc-t}— k* 
#ti^-A' 5 (Xxv7°Sl. S2) . 

[0 0 3 5] y'7>n-Hg5R*S«L/c-it-fXS#t 
■y— A-5tt, Ka-r57yU^^-V3>ID ri2 3j 
0;tr-Fffl77'U^r->'3>SSI^).aiLT, 
3S*3&^LTIC:^-F4CSIfflT5 Ux7:/S 
3) . 

[0 0 3 6] IC*-K4ta. Sffibfc:^7-Fffl7yU 
^— >3>fDliTA>7'>ri.fit r2 3j ) S 

7:/U^r-va>®7:/U^r-v3>ID ri2 3j 
t. ±mLrc/\yiya.i$. ^2 3i f)^, /^U4 2(CKti 
$nTV^«.-y--h:7,^fft# I D TBEBJ OfFliIx-7' 

[ 0 0 3 7 ] J:b6« Lfc 7^0 ^r-J^ 3 > I D^^CKa v 
ifi^s^ST?>«^, I C;^3-F4&S{iLfc;?7-Fffl 

77'uer-e/3>$, ^-\i^n±>^ if)^m^-^n 

Tti§iES;S77^'J^r->-3>-ecB?>tLT, /^•J4 
2©:^-Fffl77'Uy->'3>fflffi«fC^^-r5 (Xx 
y-^S 6) o 

[0 0 3 8] Sfc, m7.ii. it^vtzT-yud'-i^ay 



JO 



m-tizit. lC:?j-F4tt, Smbfc:*-Fffl7yu^r 
-V3>^, ;^-F»fT-fe>i? l*^e.0ffWS:St^TV^ 
7iV^^3;^j:7yU^r— >3>T*5c!:LT, ^SJx.tt. ^ 
0*-Fffl77'U^r-v'3>5:^;-Fffl7:/'J^-->3 

>m<D$mmmiztmt^:itf^<m^Lx. tj-i^m 
mff-r^ Uxy^s 7) , 

[0 0 3 9] ^OJ:5{cLT> IC*-F4fc^»*- 
10 FfefT-b>^ l*sfi=nIL.;^c*-Fffl7yu^r-5/3 >t 

-Fffl77'U^r-v3>^:/i7>n-Ft-SISH, 

Fffl7:/'J ^— >3 >0iE^tt£M=Br^-y;i/*# 
flgLT?x->5'-r^o ^rit;:j:D> ^^>D-F-r5a 
\zti- FlgfT-k^^ 1 Fffl7yu "r-z^a XDJE 

So 

20 [0 0 4 0] I c;^J-F4^r1#fi^sns!^^Ix- 
7';^fc^i> «a-fe>^' 2 frJ:-5§ii#i:LT©#«*5# 
■^-^riTV^-sfcje), ;i©rFnjr-7';i/&fflViT:^;-Fffl 
7-y'J 3 >05=-x >7 ^ff 3 e: t *- FMt 

^2\zi:^m^^^^t^Z.tX. «»U«;^7-FfSff7n 
tii— tfXg##©*I^tcj;57FiEf?^^$B&±T?. ;i 

30 [0 0 4 1 ] «a-t>^ 2 mMrziy7.y-mi$. 

thXhiiW Z.(Dm^. ff^x-7>tmH«t«S 
ir>^2tJ;5^«ti##$n^j:t,i^t, ±.WM'mo^1> 
C, I C;^;-F4i^Ti^Blx-7';K;:S-ciX5^x-yi'H 

ff'Sfrae). ^±'&.i)m<. 'mmx(nm,mfi^-^mt&t!- 
[0 0 4 2] 

mmmim^n^^^m\z. mittim^--:r)v=s:ti 

- Ffgff-k>^ 1 ;0S;«3- Fffla^*3 ^^LT I C:^- 
40 F4fc«l&-t5J;5trbTt>J;V^„ 

[0 0 4 3] Src> ffFiiIx-^;KCE1iT?>^x7i'ffl 

77°U ^-V3 >{C^^ bX-^aiScM, x-^^&^ffi 

[0 0 4 4] Sfc> -y— k'XM«^®*-Fffi77'Uy 

1J— kxSftggi^i c:^j-F4^ir'y FLT. m 
M©:*;- F ffl 7 :/'J -> 3 > © I C * - F 4 
50 S*SA;^-r-5o i©A;^(c*i;T. 1)— fcfxJiftgg 
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^ 5 i: fiJSiJ L «^ tc «g 15 o fc 7 U ^r— > 3 > 

[0 04 5] (m 2 osjsjgsi) *mm(Dm 2 ©njij^ 

?SfT-ir>:?6t, ;«J-FfflaSii*7t, IC;^7-K8 

[0 0 4 6] :ij-HflfTHz>^6(i. fiJffl#H^^-rs I 

^^-v3>C■'J!/^T, 77°U^r->'3>IDi:, 

[0 0 4 7] ;i;-H%fT-tr>^6(i. ^-t:XJf«-9— 
A'QA^e,, ^J;ta*-H ID,i:U— t'X««#IDi:7 

s*ft«fc-^*tT57:/u ^r->/3 > I D tm-rsA 

- H I Dtcm-rsnt^sB mv— 
e,^^!is b> ^mnmr'^\zm%Lrz/\ -y 

-A*9ti3i«-rs. 

c*- F 8 \zi]~ Fffl7:/U ^r- V3 y^m^^t^D— 
lixmmizMhrm^mv. m^oysmit^MnS) 

D> ^J^«, 17^U^r-v3>«t. ti~v-^(Dmm 

mf^wm^mrmmt^m izm&^m^j ■/ u "r-y 3 

[0 0 4 9] *-F5gffHr>^6tt. -y— t'XS 
«-!t-A9*^6. -y— Hxa«*IDi77'U^-X3 

^1filfc*f bX, ^SJ^«77°U ^— >3 >©ffll^BI!t^ 
oitlg^KSt-^o fi43, :iommmit. IC:^;-F8 



(7) 

J2 

Fffl77'U ir-va >;itHij|^Stirc«^C I C 
- F 8 i 0 -t^- H XSftIf- A- 9 ('M b T?gff S n 

^if«T^D> m^\t. ffl^snfe7yu^-v3>i 

D<!:;fj-F ID^^-^£r= ;i®iEHJ»H, ^JAtflC;'; 

- F 8 ®«^»T?=S/0%$nTl^Tt> 

;^-F^ff-tr>^6tt, I C*-F8©^x.^lltSffl 
ViTg«^«^T-5;i<ht:<fcD, iiEHJ»©IEStt€«IS 

[0 0 5 0] :^7-Fffl9Sg*7fi, IC*-FU-:5^/ 

A9t©Pa©x-;?'mSfl^5ff5o flsiAa, fi~m 
aS*7tt, fiJffl«*^?,Atr$ti;t*-Fffl7^U':r- 

->3 >©^'':7>D- \^xmm(Dm^m^io- f u-^ 

I C;^;- F 8 *^6S#Lfc*- F I DS;^;- Fffl7yu 
a3SS*7(i, -y— A9*^^SflLfc75'-tr 

XM*, Bt^ft^nfcAv-yrLffl, *-Fffl7:/'jy- 

20 v3>#S*-FU-:?'/7'f^S^LTI C;^7-F4 

[0 0 5 1] IC^;-F8tt. MPU> ROM, RA 
M. EEPROM^^WtS I C5"-y7S-ffix., Z.<Dl 

«ClBffi:$ti§7°u^'^A^IIff-r§ J; 
n^SdffllglS 8 1 U 8 2 iAffi;^fil»§l58 3 i^ii 

AS. 

[0 0 5 2] SiJ^ggS in, ;^-F*!ia«*7 75^e,©, 
^ryyu- F®S*> - Fffl7::^U ^-v-a >©fJI» 
30 o:>^7!^m^xt)-^nrz:it(DmmzfS.cx. ^^utte 

1i$n?.;^3- F I D#^;?j- FiSLSST^r fcSflT^o 
[0 0 5 3] ^tz. mWmS 1 li, 1f-t'X««1f-A- 
9*^^©, I C;^-F8-v©7i7irXg^ (mS^) 
tut^ft ^ nfc /\ y i/ i-li <h * - F ffl 7 y - a > 

^^^j-Ffflaii*7S^UT^flt5t, Bt^fbsn 

fcA'y5/i«tft#SnTVi-5*^©^iE*f?5, 

T> *«*«jEblttia, ^^'J 8 2fc|Bli$nTVii)llt 

m (*-Fffli5^ji) sfflViT, Bt^^tsnfcAyv 

^mmmtt^c 'AiZ. «^{bLfcA-yvrL«^. s 

« gb&*-Fffl77'Uir— >3 >tS^'V^TfPfi!cbfcA 
-yviffiiH^rSo ^bT, lt«bfcA->v:ifl;^)t- 
i6:-r§«^tli, SiJ»8i(i. /tU8 2fc*>tt^* 

- Fffl77°'J ^r-v3 >5iBtgT^;fci6©fBflM«t;:, 
Sflb/i;^-Fffl77°U^-V3>$fBtSt-5o Sfc, 
tb«bfcA-y->a.M/4^-l:b;^£t^JS^fc«, MUSES 1 

n. *-Fffl7:^u^r— >3>^m^©iaiiffi«(ciBis 

1-s;it;^<. ;f;-F«!iaS*7{rx7-€^&^ffib 

[0 0 5 4] *fc. affllgB8 Ifi, A- 
50 9A^e,©. ;*3-Fffl7:/Uir— >3>®fJltg*^$* 
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(8) 

13 

a>ID. ^(DI C*-P8 0:ft-H IDll^^trlEK 

m^-n- FMas*7 s^LTii— t*7.sffiij— A9 tc 

[0 0 5 53 U 8 2H, Bt^H (*-HfflS5^ 

8 3 \t. %~ Hffla^* 7 tOx-^S'ilffl^ W 

[0 0 5 6] +t--ifx^«-»t-;s-9fi> 

ffl A - F ffl 7 7° U — > 3 > 0^#t^ 5 /V (Oit- 

©77''J^r— >3>IDt, -y— h'X^««ID^&-g-tr 
Bt^fb $ >y V ^ fl ^ ;^ - K ^fr-k >^ 6 e, Sft 

[0 0 5 7] S^c, li— t:*;^il#t1J— n9(i, %-Y%L 
as* 7 B CO ;d - h' ffl 7 'J > 3 > ©giJI^S*jl 
atr^S^LT, Ji^$nfc7:/'J ^r-i>3 >C7)fJ|^S« 

H^aaS* 7 *:fhLT I C;;j-H 8 tMft-rSo 30 
^tT. I C;^;-F8;5^50iEBJ»&;?j-FMffl«*7 

[0 0 5 8] ifet, ^0^2©||»^t|^^vXxA 
fC*5ViT. I C:^-F8lr*-Hffl77'U'5r-— >3>£ 

afei.fijffl#«. *-H«!iaa*7fri c*-F8 

ID : 3 2 3 2) hLT. 
■9— A 9 ^ ;f7 - F ffl 7 ^ 'J ^r- 3 > © ^':7 > 

n-Fg^^A^^-rSc i^ntJSCT, ^-FffliSS* 40 

T, *-HID rs 2 3 2J ^^JKftb. *-Hffl77° 

7:/U^r-v3>ID§^W ttfeiCIt- ^:XM#t-y- 
-A'9Cii{I■ri) (7>x>7yS 11, S 1 2) „ 
[0 0 5 9] y-^n-HS^^Smtifclt-lfZStt 
iJ— n9«, SffLfc:^-HlD r3 2 3 2j <!:. 
^nfc:^- Hffl77°U ^r-v3 >©77'U^-i/3 > I 

T, *-HMT-fc>^6(CSl#f§ (Xx>J/7'S 1 50 
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3) o 

[ 0 0 6 0 ] K -fe 6 aS*1ta®gfl 
tJS§L, ;iCDS{fx-^f:#Sn§7y'J^r-v3> 

D rs 2 3 2j \znm-^%^m. ri 2 1 2j 

A'9HS«T5 Ux7:/S14) o tfe, *-H^fT 

5) „ ^UT, ll#1t«{-»:3\^T1f-k'XJlft#;5t;?j 
-FID r3 2 3 2j t*-Fffl77U-y-v-a>*fI 
ttl- 5 :i t C jct LTiS# ^ff o 

[0 0 6 1 ] -9— t'Xilft-y— A9fi, *-F^ 
fT-k >i5^ 6 *i 5 ^fi UfcBt^ft S A 7 :xtt<h, S 
«$nfc:^-Hffl7y'J'^— >H>i:, 7^-lrXg* 

*-Fffla«*7S^bTI C:^J-F 
8{3M#-r^ (Xx>;/:/Sl 6) „ 

[0 0 6 2] IC:if;-H8tt, SdLfclt^ftSnfrA 

^» (*-FfflS:>^») ^fflV^T9gf?^t^ti;^cA<yvzL 
SffiLfc;^?- Fffl77°U ^r--va >fcSci>^Tf^^Lfc 

7) o 

[0 0 6 3] ttKbfeA>7'>a«!0S^itt-^«^, I C 

fc*-Hffl77'U'^— >a>&, ^^U8 2©;t(-Hffl 
77°'J^r-v3>fflSl^tr;^|^-r^ (Xx-yt/S 1 

8) „ 

[0 0 6 4] Sfc, J:tKbfcA7->ifi;5S"^aU^£Vi:g 

'^xitm^^i^mf3i'h(Dr&^m^miz\t, ic;^;-f 
8ti, -gsij^a, ^o:^-Fffl7:/'J'5^—>3>?£*-F 

ffl 7 7' U ^r- $/ 3 ©IHli^«fcg1g1- § ^ i tS < 
*LT, ;^7-F«!ia«*7{:X7-'fi^^SfflT5^0 
3f^OX7-®aS*fff -5 UxyT'S 1 9) o 

[0 0 6 5] mz. ^(Dm2<Dmmmm\z%^>'7.y-M. 

fc43l>T, I C:^;-F875^e>*-Fffl77''Ja'-->-3> 
S:g'J^T§«^©ffl:a^gIl 0^#!iiLTi5JSJ|-r5. 0*1 
;fj-FS!ia^*7tI C;^-F8 (;^- 
FID: 3 2 3 2) ^-b-yFLT< IC:^-F8CSB1t 
$nTl^5;^-Fffi7:/U^— >3>ffl«g*&A;^ 

■r^o ;in{c;£i;T, *-Ffflas*7{i7y'j^r-v 

a >(DfJ^(DS*®A:(3^ I C*- H 8 izM^LX. 13 
-FID r3 2 3 2j^&«#L, *-Fffl77'Uy- 
>/3 >®BiJltS*aa (m^>^«07yU ^r-va > I 

(Xt^-vT'S 2 1. S 2 2) „ 
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[0 0 6 6] fflits*^s«ufcif-H7.att-y— ng 

LTI C*-K8 tSft-rS Ut^-j/T'S 2 3) . 

^filcfS Ux7 7'S2 4, S2 5) . -S-LT, 

A9{cS#f-5 (X?y7'S2 6) . 10 
[ 0 0 6 7 ] \i7.^m-n 9 fi, I C h' 8 75^ 

[0 0 6 8] ^©.t-Sl^LT, I C;^-F8fc;!!j-Hffl 
-va >©1f^S I C;&- F 8 trH=ff©||Tlit^^bLfe 

+)■- li'Xtffifc+h- n9H<j;?. I C;^-F8^CD:^J-Hffl 

h^mm-^z.tt^i;'^^, ^fc. I C*-F8{c:<fcf3 

ffS-itT, tXJIftit- A9t'^®iiEM»SllffiS 
-a-5:^t^CJ;D, *-Fflff-lr>3'6Tfi, ^IC^ 
- F 8 'v.co;!?- Fffl7yj ^-va >iZS»Rmm^ 

[0 0 6 9] I C;f3-F8®*-Fffl77°U^^- 

v^>S§J|»•r§«^^), §»««^<i:|Hl1itc> :^-F 

«i*«5«»bT, *-Fffl7:^U^r">3><DgiJ|i^ 
g^t t%(::BgSEltS I C*- F 8 t^fLTSM-rs. 
[0 0 7 0] sfr, -y— k*;^»^#©*-Fffl7:/'Jir 

it. *-t:Xii«ggt'I C*-F8&-fe>y FLT> 3f 
McO;^-Fffl7yu^-v3 >CD I C;^;- F 8 
S3t*A^t-?.» :^OA:^Jt;Si;T, t^-HX^#fc£M 
;^-FlDt7y'J^-V3>ID5*-Ffgff-t 

M<!:#«$*-F5!fT-fe>3'6*^e,]R#L, Jg^S^fc 
;i;-Fffl77'U^-v3>t<i:feC I Cij-F8tg 

To ic:^j-F8tt, ±tmmtnm\zbx. m^'Bos 
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^l^tt/tU 8 2O0f^fBti^«{C;^-Fffl7:/U^r- 

->3 y^mmh. tW!Sijb/t«^tfi§it® 

ofc7:/'J'5^-va >5«*1--5^©X7-^!iaSff 

•5c 

[0 0 7 1 ] Sfc, *-F»ff-t>^6H*3V^T, IC 
A - F 8 ffll§^»Tlit^'ft;T§ t)©(i77°U ^r-va > 

7^,j /r_,>3 > I I Ctl- F 8 ©Bf^HTBS^ft 

i^T5=t5icUTfe<fcVi= ic*-F8H, 

^€&«IIELfc^, Bt^'ft$nfc7:/U'^— >3 > I D 

£Bf^»Ttt^ftL. aftLfc*-Fffl7^'Jar— >3 
>ro77°U':r-va > I DT^Sd^SrWSrj-r2>o 
[0 0 7 2] -^rc. ;^"Fffl7yj^r— >3>© I 

- F 8 'vossn^feioT I c*- F 8 mm^^ 

TJ; 5 fr, t'XMttU— 9 li, I C*- F 8 {i*f 

LT, aifecDtfie^&s^-rs (xx'y:/s3i) „ ;in 

Izmi^X. IC*-F8tJ, SLiC*4fr£L. 
l^#^1f-t'X*l«+)— A 9 tiiffltS 7°S 3 

2) » t'x»«-)i— A'9}i. g#bfcaft#i, y 

'J'^u- F^^*©^7- Fffl7y'J '!r-j/3 >©7:/>J 
— >3>I D#*:i7-FfgfT-fe>y 6(lSffi-r5 
^'T'SS 3) . 

[0 0 7 3] cnflJ^CUT, :^-F56fT-l:>^6tt, S 
mLfc77'U^r-e>3>ID lC*f jSt" 5 A >y -> a« 
^ffif. ^LT. i!^5*.fflL^cA7'>alSi§fflUfcai^ 

^y:/S3 4) ifz. *-FMf-b>^6«, -y--t'7; 

fc;«j-Fffl7^U^r—>3 >^7i'-kXS*<h<h'bt I 
[0 0 7 4] IC;^-F8tt, SflbfcfFnI1f«<£;«J- 

- Fffl77°U ^r-va >(cSo'V^Tf^figbfc#lELfcA 
>y->ifiS, SflLfcA-;/Vifit!l^t-?. (Xx^;/:/ 
S 3 6) 0 

[0 0 7 5] ^LX. a^©Ba^^*tA7VnflO!i 
7yU^r— >3>$>(iEU8 2©^^ffi«{C^|flL (X 

5^>yys3 7) , ii-rn*^®fig^«^;5sx^-§^-r« 

^©*-Fffl77'U^-V3>?ri3If€««fctB 
1i-r?.;ii:;^<s<M£bT, ;^j-FMas*7trx^-'(i 
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8) c 



[0 0 7 6] ^(D^olzLT. aSc^fflViS^^ctti 

n-f, ^ CO - F ffl 7 :/ U ^r- V 3 > tc-jt/^lf 
WicttH «S|A«aiS:t77'U';r-v3>ID*;d-H 

T-y— fxiSft-y— A 9 tftS&l- s J; t brfe ctv^o lo 

T©^^i:77'U ir— >3 > I D f:?l5T©Rg-&<£ff 
5, 

[0 0 7 7] ±tS*ffi^Jl'43l/^TfflV^Sflt^;^iC 

[0 0 7 8] ^fc. mitm2(Dmmo3m\zm^ij 
-mm^^s. 7\i, «spis* mmnmm 

[0 0 7 9] ;^43, eiCD^McDv'XT-Aa, HfflOvX 20 
Mm T^X^. CD-ROM^) *^?>«^ni/ 

OS;5S^i-axHOSt7^'J^r-$/3>0*|^ 

[0 0 8 0] ;^j:4o, ^iiiSC-/n^^A^Sl:L> mn 

ffiffid'-y h7-i7®J|^« (BBS) fcK7°n5f7 
[0 0 8 1] 



* - K »fT -b > ^ t i; « g E ^ S T V i ;4 V i ft ^ -b > 
Cct^ I C:^)-F^077°U^->'3>©#t|&€SP^ 
L, ^^^7yu^r-i/3>©ffil&&pTfgt-r§„ 
[HBcDfS*;^ia?g] 

[01] *mm(Dmiommmm\z%^ii~\^'y 7,7^1. 

[02] ffHrx-:/;i/*liiM-r5fc*©0Tafe^. 
[03] mi(Dti-\i-y7.y'Arm^^n^icti-\^ 

[04] 01®:!!7-F->XxAfc:feViTI C*-F}I* 

[06] llr-:/;i'Sr®i?g-r5fe«)co07?J&5, 
[0 7] wk^mm=^m-t?>tcib(Dmr$>^, 

[08] 05CD^7-Hv7.xATffifflSn5 I CJ!J-H 
[09] 05(D:*I-H->7,TA{C*3ViTI C;^7-Ht;^/ 

[110] il5©*-K~>XxAtr*5V^TI C;^7-H!5^ 

[011] 05©*-Fv;^rA}z*3V^TI C^-Hfc 

Hffl7:/u ^r— /3 >£aifci-5»^©i!ia(Dffio 
«si*iKM-t5fc8i)©0T*s. 

K 6 *-H^ff-fe>^ 

2 «=3Hr>^ 

3, 7 A-F^aSS* 

4,8 I C^;-F 

5. 9 -if-h'X«ft+J— A 

4 1, 8 1 mm^ 

4 2, 8 2 ^tU 

4 3, 8 3 xmrnmrn 



[02] 
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[011] 



IC -y— fx ±— K 







S31:S|,»*ESES^ 








S32:a.ft«i£4S 
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1 ast 1 A7->affi 1 
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f S37: A S38: A 











(51) Int. CI. 7 
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(72)?g?§# 5# «C 

ax5? -^r^ •7->( • ir-^n 
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«M«?a:«E«j!HIHTi3#3^ t*it# 

F^-A(##) 5B035 AA06 M13 BB09 CA29 
5B058 KAll KA31 KA33 
5B076 BB06 FB02 FB09 
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directly. 



!i u-rsot,^ 'tastsUuvu a>a nuv cor ^ V \ v s 
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[Document Name] Description 

[Title of the Invention] A card system, an IC card, and a recording medium 

[Claim(s)] 

[Claim 1] Are the application supplied to the IC card published by the card issue center by the supply 
center the card system to memorize, and [ said IC card ] The permission table about the application with 
which supply was permitted by said card issue center is memorized. It is distinguished whether the 
application supplied from said supply center is registered into said permission table. The card system 
characterized by what this application is memorized to the predetermined field of the IC card concerned 
when said application is registered into said permission table, and predetermined error handling is 
performed for when said application is not registered into said permission table. 

[Claim 2] About each aforementioned application, it is set to said permission table by the check 
information concerned by which application machine ****** derivation is carried out, respectively, and 
[ said IC card ] Answer supply of the application from said supply center, and check information is 
drawn based on said supplied application. When it compares with the check information on the 
applicable application set as said permission table and said check information agrees The card system 
according to claim 1 characterized by what predetermined error handling is performed for when said 
supplied application is memorized to the predetermined field of the IC card concerned and said check 
information does not agree. 
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[Claim 3] Said check information is a card system according to claim 2 characterized by what a hash 
value is included for. 

[Claim 4] The card system according to claim 1 or 2 characterized by what the signature by a 
management organization is given to said permission table for. 

[Claim 5] It is the IC card for card systems which memorizes the application supplied to the IC card 
published by the card issue center by the supply center. The permission table about the application with 
which supply was permitted by said card issue center is memorized. It is distinguished whether the 
application supplied from said supply center is registered into said permission table. The IC card 
characterized by what this application is memorized to the predetermined field of the IC card concerned 
when said application is registered into said permission table, and predetermined error handling is 
performed for when said application is not registered into said permission table. 

[Claim 6] Are the application supplied to the IC card published by the card issue center by the supply 
center the card system to memorize, and [ said supply center ] Acquire attestation information from said 
card issue center, supply said attestation information and application which were acquired to said IC 
card, and [ said IC card ] The card system characterized by what the application from said supply center 
is memorized to the predetermined field of the IC card concerned when the justification of said 
attestation information from said supply center is checked and a check result shows normalcy, and 
predetermined error handling is performed for when a check result shows an error. 

[Claim 7] When said supply center supplies application to an IC card, A card identification signal is 
acquired from the IC card of the supply place of application. Supply said card identification signal and 
application identification signal which were acquired to said card issue center, and [ said card issue 
center ] [ the information about the application based on said application identification signal ] It is the 
card system according to claim 6 which supplies said supply center by making into said attestation 
information what was enciphered with the key of the IC card specified by said card identification signal, 
and is characterized by what said IC card checks the justification of said attestation information for 
using the key of the IC card concerned. 

[Claim 8] A supply center acquires a random number from the IC card of the supply place of 
application, when supplying application to an IC card. Supply the random number and application 
identification signal which were acquired to said card issue center, and [ said card issue center ] Said 
supply center is supplied by making into said attestation information what enciphered the information 
about the application based on said random number and said application identification signal with the 
key of the card issue center concerned. Said IC card is a card system according to claim 6 characterized 
by what the justification of said attestation information which generated the random number, supplied 
said supply center, and was supplied from said supply center is checked for using the key of said card 
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issue center. 

[Claim 9] Said IC card is followed on deletion of the application memorized by the IC card concerned. 
Draw up the deletion certificate about the application for deletion, supply the supply center of the supply 
origin of the application for [ said ] deletion, and [ said supply center ] A card system given in any 1 
clause of the Claims 6-8 characterized by what the deletion certificate from said IC card is transmitted 
for to said card issue center. 

[Claim 10] Are the application supplied to the IC card published by the card issue center by the supply 
center the IC card for card systems to memorize, and [ said IC card ] The attestation information which 
said supply center acquired from said card issue center is received. The IC card characterized by what 
the application from said supply center is memorized to the predetermined field of the IC card concerned 
when the justification of this attestation information is checked and a check result shows normalcy, and 
predetermined error handling is performed for when a check result shows an error. 

[Claim 1 1] It is the recording medium which recorded the program for making it function as an IC card 
which memorizes the application which is published by the card issue center and supplied by the supply 
center in a computer and in which computer reading is possible. A means to memorize the permission 
table about the application with which this computer was permitted to supply by said card issue center, 
A means to distinguish whether the application supplied from said supply center is registered into said 
permission table. When said application was registered into said permission table by said distinction 
means and it is distinguished. When said application was not registered into said permission table by 
means to memorize this application to the predetermined field of the IC card concerned, and said 
distinction means and it is distinguished, The recording medium which recorded the program for 
considering it as a means to perform predetermined error handling, and making it function and in which 
computer reading is possible. 

[Claim 12] It is the recording medium which recorded the program for making it function as an IC card 
which memorizes the application which is published by the card issue center and supplied by the supply 
center in a computer and in which computer reading is possible. A means to receive the attestation 
information to which said supply center acquired this computer from said card issue center. When a 
means to check the justification of said attestation information, and said check result show normalcy. 
The recording medium which recorded the program for considering it as a means to perform 
predetermined error handling, and making it function when a means to memorize the application from 
said supply center to the predetermined field of the IC card concerned, and said check result show an 
error and in which computer reading is possible. 

[Detailed Description of the Invention] 
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[0001] 



[Field of the Invention] This invention relates to the card system which memorizes the application 
supplied by the supply center which supplies application to the IC card published by the card issue 
center. 

[0002] 

[Description of the Prior Art] For example, the supplier (purveyor of service) of application supplies the 
application for cards at the IC card which the card publisher published to each user, and the card system 
which aims at multiple-purpose use of an IC card is known. In such a system, the user can receive the 
predetermined service by a purveyor of service by downloading desired application to a self IC card, and 
performing application built into the IC card, for example. 

[0003] 

[Problem to be solved by the invention] In the above card systems, supply of the application to the IC 
card by an inaccurate purveyor of service is prevented, for example, and the structure which can receive 
supply of application safely is needed. 

[0004] Moreover, when performing attestation processing of the supplier (purveyor of service) of 
application from a viewpoint of holding the safety of a system and the attestation processing long-time 
[ complication and ]-izes, there is a possibility of reducing the response of a system. 

[0005] Moreover, the proper fee collection management to each purveyor of service is wanted for the 
supply situation of the application to each IC card to be correctly grasped by the card publisher, for 
example, to realize etc. in the industry. 

[0006] This invention was made in view of the situation mentioned above, and aims at offering the card 
system which can supply application safely. Moreover, this invention sets it as other purposes to offer 
the card system which can prevent complication and long time-ization of attestation processing of the 
supplier of application. Moreover, this invention sets it as other purposes to offer the system which can 
manage the registration situation of the application for cards to an IC card. 

[0007] 

[Means for solving problem] [ the card system concerning the 1st viewpoint of this invention ] in order 
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to attain the above-mentioned purpose Are the application suppHed to the IC card published by the card 
issue center by the supply center the card system to memorize, and [ said IC card ] The permission table 
about the application with which supply was permitted by said card issue center is memorized. It is 
distinguished whether the application supplied from said supply center is registered into said permission 
table. When said application is registered into said permission table, this application is memorized to the 
predetermined field of the IC card concerned, and when said application is not registered into said 
permission table, predetermined error handling is performed. 

[0008] When according to such composition the permission table about the application which the card 
issue center permitted beforehand is stored in the IC card and application is downloaded to an IC card, 
the justification of the application is checked with reference to a permission table. Since the justification 
can be checked within a card, without asking a card issue center the justification of application by this 
whenever it downloads, the card system in which safety is high and attestation in a short time is possible 
is realizable, 

[0009] About each aforementioned application, it may be set to said permission table by the check 
information concerned by which application machine ****** derivation is carried out, respectively, and 
[ said IC card ] Answer supply of the application from said supply center, and check information is 
drawn based on said supplied application. When you may compare with the check information on the 
applicable application set as said permission table and said check information agrees When said supplied 
application may be memorized to the predetermined field of the IC card concerned and said check 
information does not agree, you may perform predetermined error handling. 

[0010] Said check information may also contain a hash value. 

[00 11] The signature by a management organization may be given to said permission table. Thereby, 
since it is checking the permission from both a card issue center and a management organization with 
consent substantially, checking application using a permission table can increase the safety of a system 
further. IVIoreover, the dishonest act by an application supplier's (purveyor of service) cooperation etc. 
can be prevented card issue origin by giving the signature by a disinterested management organization, 
for example. 

[0012] [ moreover, the IC card concerning the 2nd viewpoint of this invention ] It is the IC card for card 
systems which memorizes the application supplied to the IC card published by the card issue center by 
the supply center. The permission table about the application with which supply was permitted by said 
card issue center is memorized. It is distinguished whether the application supplied from said supply 
center is registered into said permission table. When said application is registered into said permission 
table, this application is memorized to the predetermined field of the IC card concerned, and when said 
application is not registered into said permission table, it is characterized by what predetermined error 
handling is performed for. 
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[0013] [ moreover, the card system concerning the 3rd viewpoint of this invention ] Are the application 
supplied to the IC card published by the card issue center by the supply center the card system to 
memorize, and [ said supply center ] Acquire attestation information from said card issue center, supply 
said attestation information and application which were acquired to said IC card, and [ said IC card ] 
When the justification of said attestation information from said supply center is checked and a check 
result shows normalcy, the application from said supply center is memorized to the predetermined field 
of the IC card concerned, and when a check result shows an error, it is characterized by what 
predetermined error handling is performed for. 

[0014] According to such composition, when supplying application to an IC card, the attestation 
information published by the card issue center is needed. Registration of the application to the IC card 
by the service offer server which does not acquire attestation information from a card issue center can be 
eliminated by this, and a safe card system can be offered. 

[0015] When said supply center supplies application to an IC card, A card identification signal is 
acquired from the IC card of the supply place of application. May supply said card identification signal 
and application identification signal which were acquired to said card issue center, and [ said card issue 
center ] [ the information about the application based on said application identification signal ] Said 
supply center may be supplied by making into said attestation information what was enciphered with the 
key of the IC card specified by said card identification signal, and said IC card may check the 
justification of said attestation information using the key of the IC card concerned. 

[0016] Moreover, when a supply center supplies application to an IC card, May acquire a random 
number from the IC card of the supply place of application, may supply the random number and 
application identification signal which were acquired to said card issue center, and [ said card issue 
center ] You may supply said supply center by making into said attestation information what enciphered 
the information about the application based on said random number and said application identification 
signal with the key of the card issue center concerned. Said IC card may check the justification of said 
attestation information which generated the random number, supplied said supply center, and was 
supplied from said supply center using the key of said card issue center. 

[0017] Said IC card is followed on deletion of the application memorized by the IC card concerned. The 
deletion certificate about the application for deletion may be drawn up, the supply center of the supply 
origin of the application for [ said ] deletion may be supplied, and said supply center may transmit the 
deletion certificate from said IC card to said card issue center. 

[0018] Since a supply center acquires attestation information from a card issue center by this whenever 
application is supplied to an IC card, the card issue center can grasp certainly that application was 
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supplied to each IC card. Moreover, when an IC card publishes the certificate about deletion of 
application to a supply center and a supply center submits the certificate to a card issue center, the card 
issue center can grasp certainly that application was deleted from each IC card. Moreover, about each IC 
card, since the card issue center can grasp registration and deletion of application certainly, it can 
perform proper fee collection management to a supply center. 

[0019] [ moreover, the IC card concerning the 4th viewpoint of this invention ] Are the application 
supplied to the IC card published by the card issue center by the supply center the IC card for card 
systems to memorize, and [ said IC card ] The attestation information which said supply center acquired 
from said card issue center is received. When the justification of this attestation information is checked 
and a check result shows normalcy, the application from said supply center is memorized to the 
predetermined field of the IC card concerned, and when a check result shows an error, it is characterized 
by what predetermined error handling is performed for. 

[0020] [ moreover, the recording medium concerning the 5th viewpoint of this invention ] It is the 
recording medium which recorded the program for making it function as an IC card which memorizes 
the application which is published by the card issue center and supplied by the supply center in a 
computer and in which computer reading is possible. A means to memorize the permission table about 
the application with which this computer was permitted to supply by said card issue center, A means to 
distinguish whether the application supplied from said supply center is registered into said permission 
table, When said application was registered into said permission table by said distinction means and it is 
distinguished, When said application was not registered into said permission table by means to 
memorize this application to the predetermined field of the IC card concerned, and said distinction 
means and it is distinguished, the program for considering it as a means to perform predetermined error 
handling, and making it function is recorded. 

[0021] [ moreover, the recording medium concerning the 6th viewpoint of this invention ] It is the 
recording medium which recorded the program for making it function as an IC card which memorizes 
the application which is published by the card issue center and supplied by the supply center in a 
computer and in which computer reading is possible. A means to receive the attestation information to 
which said supply center acquired this computer from said card issue center, When a means to check the 
justification of said attestation information, and said check result show normalcy. When a means to 
memorize the application from said supply center to the predetermined field of the IC card concerned, 
and said check result show an error, the program for considering it as a means to perform predetermined 
error handling, and making it function is recorded. 

[0022] 

[Mode for carrying out the invention] The card system concerning the form of operation of this 
invention is hereafter explained with reference to Drawings. This card system is for downloading and 
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building the various applications for cards supplied by the supplier (purveyor of service) of application 
into the IC card which the card publisher published to the user. 

[0023] (The 1st embodiment) The system composition figure of the card system concerning the 1st 
embodiment of this invention is shown in drawing 1. This card system is equipped with the card issue 
center 1, the management center 2, the card processing terminal 3, IC card 4, and service offer server 5 
of each purveyor of service so that it may be illustrated. 

[0024] The card issue center 1 performs issue of IC card 3 to a user etc. In issue of this IC card 3, [ the 
card issue center 1 ] Based on the application for cards which each service offer server 5 distributes, the 
predetermined table (permission table) about the application for cards is created, and grant of a signature 
is received from the management center 2 to the permission table. And the permission table on which 
the signature was given, and predetermined card information, including card ID etc., are recorded on IC 
card 3 for issue, and are published. 

[0025] [ the permission table generated by the card issue center 1 ] For example, as shown in drawing 2, 
information, including Application ID, a hash value, etc., is set up about the application for cards which 
each service offer server 5 offers for every purveyor-of-service ID for identifying the service offer server 
5. This hash value is generated based on the information on a meaning, for example for every 
applications for cards, such as a program of the application for cards. 

[0026] The management center 2 gives a signature (administrator signature) to the permission table 
which the card issue center 1 generated according to the demand from the card issue center 1. 

[0027] The card processing terminal 3 is equipped with IC card reader / writer, and mainly performs 
data ****** between IC card 4 and the service offer server 5 etc. For example, the card processing 
terminal 3 notifies the demand of download of the application for cards inputted by the user to IC card 4 
through a card reader/writer. The card ID received from IC card 4 according to this is transmitted to the 
service offer server 5 with the download demand of the application for cards. Moreover, transmission 
etc. makes application for cards received from the service offer server 5 IC card 4 through a card reader/ 
writer. 

[0028] IC card 4 is equipped with IC chip which has MPU, ROM, RAM, EEPROM, etc., and as this IC 
chip is shown, for example in drawing 3, it is equipped with the control part 41, the memory 42, and I/O 
control unit 43 which are realized when MPU executes the program memorized by ROM etc. 

[0029] The control part 41 transmits the card ID memorized by the memory to the card processing 
terminal 3 according to the predetermined notice from the card processing terminal 3. And the control 
part 41 will create the hash value of the application for cards, if the downloaded application for cards is 
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received from the card processing terminal 3. And the appHcation ID of the received appHcation for 
cards and the created hash value are compared with the preset value of the permission table memorized 
by the memory 42. 

[0030] When Application ID and the hash value which were compared are in agreement The control part 
41 memorizes the application for cards received to the storage area for memorizing the application for 
cards in a memory 42 noting that the application for cards is beforehand permitted to the card issue 
center 1. 

[0031] moreover, when Application ID and the hash value which were compared are not in agreement 
The control part 41 performs predetermined error handling, such as transmitting and carrying out the 
error display of the error signal to the card processing terminal 3, without distinguishing, if it is not the 
application for cards which the card issue center 1 permitted, and memorizing the application for cards 
to a predetermined storage area, 

[0032] A memory 42 memorizes a permission table, card information, the application for cards (card ID 
etc.), etc. I/O control unit 43 controls data conununications with the card processing terminal 3. 

[0033] The service offer server 5 is a server for performing offer of the application for cards to IC card 4 
etc. The service offer server 5 is read from the memory part which answers the download demand of the 
application for cards from the card processing terminal 3, and does not illustrate the applicable 
application for cards, and transmits to the card processing terminal 3 of a requiring agency. 

[0034] Next, in the system concerning this 1st embodiment, the processing in the case of registering the 
application for cards into IC card 4 is explained with reference to drawing 4. For example, a certain user 
sets IC card 4 to the card processing terminal 3, and inputs the download demand of the application for 
cards (application ID: 123) which the service offer server 5 (purveyor-of-service ID:BBB) offers. 
According to this, the card processing terminal 3 notifies the input of a demand of download to IC card 
4, acquires Card ID etc., and transmits to the service offer server 5 with the download demand of the 
application for cards of Application ID "123" (Step SI, S2). 

[0035] The service offer server 5 which received the download demand reads the application for cards of 
the applicable application ID "123", and transmits to IC card 4 through the card processing terminal 3 
(Step S3). 

[0036] IC card 4 generates a hash value (for example, "23") about the received application for cards 
(Step S4). And it is distinguished [ the application ID of the received application for cards "123", and ] 
whether the generated hash value "23" agrees with the preset value of the purveyor's of service ID 
"BBB" permission table memorized by the memory 42 (Step S5). 
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[0037] When Application ID and the hash value which were compared agree, noting that IC card 4 is 
just application to which the received application for cards is permitted from the card issue center 1 It 
stores in the field for applications of a memory 42 for cards (Step S6). 

[0038] moreover, when Application ID and the hash value which were compared do not agree with the 
preset value of a permission table for example [ the IC card / the received application for cards ] noting 
that IC card 4 is unjust application which has not obtained the permission from the card issue center 1 
For example, it eliminates without memorizing the application for cards to the storage area for the 
applications for cards, and predetermined error handling of transmitting an error signal to the card 
processing terminal 3 is performed (Step S7). 

[0039] Thus, the permission table about the application for cards which the card issue center 1 permitted 
beforehand to IC card 4 is stored. When downloading the application for cards to IC card 4, the 
justification of the application for cards is checked with reference to a permission table. Since the 
justification can be checked within a card, without asking the card issue center 1 the justification of the 
application for cards by this whenever it downloads, the card system in which safety is high and 
attestation in a short time is possible is realizable. 

[0040] moreover, [ the permission table stored in IC card 4 ] Since the signature as an administrator by 
the management center 2 is given, it is consent to check application for cards using this permission table 
as substantially as checking the permission from both the card issue center 1 and the management center 
2. Therefore, the safety of a system can be increased further. Moreover, the dishonest act by a purveyor's 
of service cooperation etc. can be prevented card issue origin by giving the signature by the disinterested 
management center 2, for example. 

[0041] Moreover, it is good also as system composition except the management center 2. In this case, 
like the above-mentioned explanation, although the signature by the management center 2 is not given to 
a permission table at a third party, since the check based on a permission table is performed within IC 
card 4, the card system in which safety is high and attestation in a short time is possible is realizable. 

[0042] Moreover, when the case where the application for cards which each purveyor of service offers is 
added, and a new purveyor of service are added, you may make it the card issue center 1 supply a new 
permission table to IC card 4 through the card processing terminal 3. 

[0043] Moreover, the data for a check memorized on a permission table is not limited to a hash value. 
For example, you may use the arbitrary functions which can derive a meaning numerical value, data, etc. 
to each application for cards. 
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[0044] Moreover, application for cards of a purveyor of service may be stored in a memory part, and 
service offer equipment equipped with a card reader writer may be used. In this case, a user sets IC card 
4 in service offer equipment, and inputs the write-in demand to IC card 4 of the desired application for 
cards. According to this input, service offer equipment reads the specified application for cards from a 
memory part, and passes it to IC card 4. IC card 4 checks application for cards based on a permission 
table, like the above-mentioned explanation, when the justification is checked, it records it on the 
predetermined storage area of a memory 42, and when it distinguishes that it is unjust, it performs error 
handling of eliminating the received application. 

[0045] (The 2nd embodiment) The system composition figure of the card system concerning the 2nd 
embodiment of this invention is shown in drawing 5. This card system is equipped with the card issue 
center 6, the card processing terminal 7, IC card 8, and service offer server 9 of each purveyor of service 
so that it may be illustrated. 

[0046] The card issue center 6 performs issue of IC card 8 to a user etc. The card issue center 6 records 
the encryption key (secret key for cards) of a meaning on the memory of each IC card 8 for issue for 
every card. Moreover, the card issue center 6 memorizes the key table which matches Card ID and the 
encryption key (public key for cards) of each IC card 8 as shown, for example in drawing 6. Moreover, 
the card issue center 6 memorizes the table on which the hash value generated about the application for 
cards which each service offer server 9 offers based on Application ID and its application for cards is 
matched. 

[0047] The card issue center 6 will read the hash value corresponding to the application ID contained in 
key demand information, if the key demand information which contains Application ID, for example 
with Card ID and the purveyor of service ID is received from the service offer server 9. And the 
encryption key (public key for cards) corresponding to the card ID contained in key demand information 
is read from a key table, the hash value previously acquired with the encryption key is enciphered, the 
signature by the card issue center 6 is given to the enciphered hash value, and it transmits to the service 
offer server 9 of a requiring agency. 

[0048] Moreover, the card issue center 6 generates and memorizes fee collection information including 
the time of purveyor-of-service ID and Card ID as shown in drawing 7, Application ID, and a 
registration date etc. based on the key demand information received from the service offer server 9. And 
it charges to the purveyor of service who supplies the application for cards to IC card 8 based on this fee 
collection information. The method of fee collection is arbitrary, for example, whenever the record time 
to a card carries out predetermined time progress, you may make it the predetermined amount of money 
charged for every application at application offer origin. 

[0049] Moreover, [ the card issue center 6 / server 191 service offer ] if the certificate about deletion of 
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the purveyor of service ID and application is received With reference to fee collection information, the 
fee collection information applicable to receiving data is specified, and information, including the 
deletion time of application etc., is set up as opposed to the fee collection information. In addition, this 
certificate is information published by IC card 8 to the service offer server 9, when the application for 
cards is deleted from IC card 8, for example, it contains Application ID, Card ID, etc. which were 
deleted. As for this certificate, the signature may be made, for example with the secret key of IC card 8. 
In this case, the card issue center 6 checks the justification of a certificate by checking a signature using 
the public key of IC card 8. 

[0050] The card processing terminal 7 is equipped with IC card reader / writer, and mainly performs 
data ****** between IC card 8 and the service offer server 9 etc. For example, the card processing 
terminal 7 notifies download of the application for cards or a demand of deletion inputted by the user to 
IC card 8 through a card reader/writer. The card ID received from IC card 8 according to this is 
transmitted to the service offer server 9 with the download demand of the application for cards, or the 
notice of a deletion demand. Moreover, the card processing terminal 7 transmits a hash value, 
application for cards, etc. which were received from the service offer server 9 and which were 
enciphered [ which were enciphered and were access-demanded ] to IC card 4 through a card reader/ 
writer. 

[0051] IC card 8 is equipped with IC chip which has MPU, ROM, RAM, EEPROM, etc., and as this IC 
chip is shown, for example in drawing 8, it is equipped with the control part 81, the memory 82, and I/O 
control unit 83 which are realized when MPU executes the program memorized by ROM etc. 

[0052] The control part 81 transmits the card ID memorized by the memory to the card processing 
terminal 7 according to the notice of the demand of the download from the card processing terminal 7, 
the demand of deletion of the application for cards, etc. having been inputted. 

[0053] Moreover, the control part 81 will verify the signature given to the enciphered hash value, if a 
hash value, application for cards, etc. which were enciphered as the access demand (write-in demand) to 
IC card 8 from the service offer server 9 are received through the card processing terminal 7. And if a 
signature is right, the enciphered hash value will be decrypted using the encryption key (secret key for 
cards) memorized by the memory 82. Next, it compares with the hash value which created the decrypted 
hash value based on the received application for cards. And when the compared hash value is in 
agreement, the control part 81 memorizes the application for cards received to the storage area for 
memorizing the application for cards in a memory 82. Moreover, when the compared hash value is not 
in agreement, the control part 81 performs predetermined error handling, such as transmitting and 
carrying out the error display of the error signal to the card processing terminal 7, without memorizing 
the application for cards to a predetermined storage area. 

[0054] Moreover, the control part 81 will delete the specified application for cards from a memory 82, if 
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the deletion demand of the application for cards from the service offer server 9 etc. is received through 
the card processing terminal 7. And the certificate containing the application ID of the eliminated 
application for cards, the card ID of the IC card 8, etc. is transmitted to the service offer server 9 through 
the card processing terminal 7. In addition, you may give the signature which used the secret key of IC 
card 8 for this certificate. 

[0055] A memory 82 memorizes an encryption key (secret key for cards), a card publisher's public key, 
card information, the application for cards (card ID etc.), etc. I/O control unit 83 controls data 
communications with the card processing terminal 7. 

[0056] The service offer server 9 is a server for performing offer of the application for cards to IC card 8 
etc. The service offer server 9 answers the download demand of the application for cards from the card 
processing terminal 7. For example, the card ID received with the download demand, the application ID 
of the demanded application for cards, and key demand information including the purveyor of service ID 
are generated, it transmits to the card issue center 6, and the enciphered hash value is received from the 
card issue center 6. And the service offer server 9 is read from the memory part which does not illustrate 
the application for cards applicable to a download demand, and transmits to IC card 8 through the card 
processing terminal 7 with the enciphered hash value and a predetermined access demand (write-in 
demand). 

[0057] Ivloreover, the service offer server 9 answers the notice of a deletion demand of the application 
for cards from the card processing terminal 7, and transmits the deletion demand of the specified 
application to IC card 8 through the card processing terminal 7. And the certificate from IC card 8 is 
received through the card processing terminal 7, and this certificate is transmitted to the card issue center 
6. 

[0058] Next, in the system concerning this 2nd embodiment, the processing in the case of registering the 
application for cards into IC card 8 is explained with reference to drawing 9. For example, a certain user 
sets IC card 8 (card ID: 3232) to the card processing terminal 7, and inputs the download demand of the 
application for cards which the service offer server 9 offers. According to this, the card processing 
terminal 7 notifies the input of a demand of download to IC card 8. Card ID "3232" etc. is acquired and 
it transmits to the service offer server 9 with the download demand (the application ID for download is 
included) of the application for cards (Step Sll, S12). 

[0059] The service offer server 9 which received the download demand generates the received card ID 
"3232", the application ID of the demanded application for cards, and key demand information including 
the purveyor of service ID, and transmits to the card issue center 6 (Step SI 3). 

[0060] The card issue center 6 answers reception of key demand information, and reads the hash value 
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corresponding to the application ID contained in this receiving data. Moreover, the encryption key 
"1212" corresponding to Card ID "3232" is read from a key table, and a hash value is enciphered with 
the encryption key, and the signature which used the secret key of the card issue center 6 for the 
enciphered hash value is given, and it transmits to the service offer server 9 of a requiring agency (Step 
SI 4). Moreover, the card issue center 6 generates and memorizes fee collection information using the 
receiving data from the service offer server 9 (Step S15). And based on fee collection information, a 
purveyor of service charges Card ID "3232" to offering the application for cards. 

[0061] Moreover, the service offer server 9 transmits the application for cards required as the enciphered 
hash value which received from the card issue center 6, and an access demand (write-in demand) to IC 
card 8 through the card processing terminal 7 (Step S16). 

[0062] IC card 8 is verified about the signature given to the enciphered hash value which received using 
the public key of a card issue center. If a signature is right, the hash value enciphered using the 
encryption key (secret key for cards) will be decrypted. And it is distinguished whether it agrees with the 
hash value which the decrypted hash value created based on the received application for cards (Step 
S17). 

[0063] When the compared hash value agrees, IC card 8 stores the received application for cards in the 
field for applications of a memory 82 for cards noting that it checked the justification of the transmitting 
agency (Step SI 8). 

[0064] moreover, when the compared hash value does not agree, or when a signature is unjust IC card 8 
is eliminated, for example, without memorizing the application for cards to the storage area for the 
applications for cards, and predetermined error handling of transmitting an error signal to the card 
processing terminal 7 is performed (Step S19). 

[0065] Next, in the system concerning this 2nd embodiment, the processing in the case of deleting the 
application for cards from IC card 8 is explained with reference to drawing 10. For example, a user sets 
IC card 8 (card ID:3232) to the card processing terminal 7, and inputs the deletion demand of the 
application for cards memorized by IC card 8. According to this, the card processing terminal 7 notifies 
the input of deletion of application of a demand to IC card 8. Card ID "3232" etc. is acquired and it 
transmits to the service offer server 9 with the notice of a deletion demand of the application for cards 
(the application ID for deletion is included) (Step S21, S22). 

[0066] The service offer server 9 which received the deletion demand transmits the access demand 
(deletion demand) for deleting the specified application for cards to IC card 8 through the card 
processing terminal 7 (Step S23). While deleting the application for cards with which IC card 8 was 
specified according to this from a memory 82, the certificate in which having deleted this application for 
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cards is shown is drawn up (Step S24, S25). And the drawn-up certificate is transmitted to the service 
offer server 9 through the card processing terminal 7 (Step S26). 

[0067] The service offer server 9 transmits the certificate received from IC card 8 to the card issue 
center 6 (Step S27). The card issue center 6 checks that the application for cards has been deleted from 
the received certificate, and sets the deletion time of the application for cards etc. as applicable fee 
collection information (Step S28). 

[0068] Thus, when registering the application for cards into IC card 8, that to which the card issue center 
6 signed what enciphered the information on the application for cards with the key peculiar to IC card 8 
is needed. Thereby, since the information for attestation which is not effective is generated by only the 
card with the card issue center 6, registration of the application for cards to IC card 8 by the inaccurate 
service offer server 9 can be eliminated, and a safe card system can be offered. Moreover, by making the 
certificate about deletion of the application for cards publish by IC card 8, and submitting the certificate 
to the service offer server 9 etc. In the card issue center 6, since registration and deletion can be certainly 
grasped to the application for cards to each IC card 8, proper fee collection management can be 
performed. 

[0069] jVIoreover, also when deleting the application for cards of IC card 8, you may make it need 
attestation by the card issue center 6 like the case of registration. In this case, the service offer server 9 
acquires the hash value and signature which were enciphered from the card issue center 6 like the case 
of registration, and transmits a code key to IC card 8 with the deletion demand of the application for 
cards. 

[0070] Moreover, application for cards of a purveyor of service may be stored in a memory part, and 
service offer equipment equipped with a card reader writer may be used. In this case, a user sets IC card 
8 in service offer equipment, and inputs the write-in demand to IC card 8 of the desired application for 
cards. According to this input, service offer equipment transmits Card ID and Application ID to the card 
issue center 6, acquires the hash value and signature to this which were enciphered from the card issue 
center 6, and passes them to IC card 8 with the specified application for cards. Like the above-mentioned 
explanation, a signature and the check of a hash value are performed, IC card 8 records the application 
for cards on the predetermined storage area of a memory 82, when the justification is checked, and when 
it distinguishes that it is unjust, it performs error handling of eliminating the received application. 

[0071] Moreover, in the card issue center 6, what is enciphered with the encryption key of IC card 8 is 
not limited to the hash value corresponding to Application ID, but should just be information [ meaning / 
the application for cards ]. For example, a signature is given to what enciphered Application ID with the 
encryption key of IC card 8, and you may make it supply the service offer server 9. In this case, after IC 
card 8 verifies a signature, it decrypts the enciphered application ID with an encryption key, and 
distinguishes whether it is the application ID of the received application for cards. 
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[0072] Moreover, in advance of the registration to IC card 8 of the application for cards, IC card 8 
generates a random number, and you may make it include the random number in the object of the 
signature by the card issue center 6. As shown in drawing 1 1 in this case, the service offer server 9 
requires generation of a random number from IC card 8 (Step S31). According to this, IC card 8 
transmits the random number which generated and generated the random number to the service offer 
server 9 (Step S32). The service offer server 9 transmits the application ID of the received random 
number and the application for cards for download etc. to the card issue center 6 (Step S33). 

[0073] According to this, the card issue center 6 reads the hash value corresponding to the received 
application ID, And the permission information which enciphered the read hash value and the received 
random number with the secret key of the card issue center 6 is generated, and fee collection of as 
opposed to [ again (Step S34) ] a purveyor of service in the card issue center 6 which transmits to the 
service offer server 9 of a requiring agency is performed. The service offer server 9 transmits the 
application for cards required as the permission information received from the card issue center 6 to IC 
card 8 with an access demand (Step S35). 

[0074] IC card 8 decrypts the received permission information with the public key of the card issue 
center 6, and acquires a hash value and a random number. And the acquired random number is compared 
with the random number which self generated. Moreover, IC card 8 compares the created hash value 
which was created based on the received application for cards with the hash value which received (Step 
S36). 

[0075] and when the both sides of the collation result of a random number and the collation result of a 
hash value are normal When the received application for cards is stored in the predetermined field of a 
memory 82 (Step S37) and one of collation results shows an error It eliminates without memorizing the 
application for cards to a predetermined field, and predetermined error handling of transmitting an error 
signal to the card processing terminal 7 is performed (Step S38). 

[0076] Thus, since it restricts once and the effective information for attestation is created by using a 
random number, the level of security can be raised. Moreover, also in this example, the object of the 
encryption in the card issue center 6 is not limited to the hash value corresponding to Application ID, but 
should just be information [ meaning / that application for cards ]. For example, you may make it supply 
the service offer server 9 by making into permission information what enciphered a random number and 
Application ID with the secret key in the card issue center 6. In this case, IC card 8 performs the 
collation about a random number and the collation about Application ID which were decrypted and 
obtained. 

[0077] Moreover, the code method used in the above-mentioned work example is not limited to a secret 
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key crypto system, but may use a common key encryption system. 

[0078] Moreover, the card processing terminals 3 and 7 in the form of the 1st and the 2nd operation 
contain a personal digital assistant (cellular-phone machine) etc. 

[0079] In addition, the system of this invention cannot be based on a system for exclusive use, but can 
be reahzed using the usual computer systems. For example, by installing this program from the media (a 
floppy disk, CD-ROM, etc.) which stored the program for performing above-mentioned operation in the 
computer The card issue centers 1 and 6 which perform above-mentioned processing, the management 
center 2, the card processing terminal 2, and 7 grades can be constituted. In addition, when OS is 
realized by cooperation of an assignment or OS, and application, you may store an above-mentioned 
function only through portions other than OS. 

[0080] In addition, it is also possible to superimpose a program on a carrier wave and to distribute 
through a communication network. For example, this program may be put up for the bulletin board 
(BBS) of a communication network, and this may be distributed through a network. And above- 
mentioned processing can be performed by starting this program and performing like other application 
programs under control of OS. 

[0081] 

[Effect of the Invention] As explained above, according to this invention, supply of the application to the 
IC card by the supply center which has not received attestation by a card issue center is eliminated, and 
supply of safe application is enabled. 

[Brief Description of the Drawings] 

[Drawing 1] It is the system composition figure of the card system concerning the 1st embodiment of 
this invention. 

[Drawing 2] It is a figure for explaining a permission table. 

[Drawing 3] It is a figure for explaining the composition of the IC card used by the card system of 
drawing 1. 

[Drawing 4] It is a figure for explaining the processing in the case of registering the application for cards 
into an IC card in the card system of drawing 1. 
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[Drawing 5] It is the system composition figure of the card system concerning the 2nd embodiment of 
this invention. 

[Drawing 6] It is a figure for explaining a key table, 

[Drawing 7] It is a figure for explaining fee collection information. 

[Drawing 8] It is a figure for explaining the composition of the IC card used by the card system of 
drawing 5, 

[Drawing 9] It is a figure for explaining the processing in the case of registering the application for cards 
into an IC card in the card system of drawing 5. 

[Drawing 10] It is a figure for explaining the processing in the case of deleting the application for cards 
from an IC card in the card system of drawing 5. 

[Drawing 1 1] It is a figure for explaining other examples of processing in the case of registering the 
application for cards into an IC card in the card system of drawing 5. 

[Explanations of letters or numerals] 1, 6 Card issue center 2 Management centers 3 and 7 Card 
processing terminals 4 and 8 IC cards 5 and 9 Service offer servers 41 and 81 Control parts 42 and 82 
Memories 43 and 83 I/O control unit 
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[Translation done,] 
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